I’ve just read it (and reviewed it at length elsewhere – I’ll give you more details if the article is accepted): it’s a good read. Not really about malware, more about defensive programming and building in security from the beginning of the development process. While the emphasis is on Cocoa and Objective-C, many of the general principles apply elsewhere.